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Title: 



Portable microprocessor-assisted data medium 



which can be operated both in contacted and 



contact less fashion 



The invention relates to a portable microprocessor- 
assisted data medium which can be operated both in 
contacted and contactless fashion. In this context the 
portable data medium is preferably in the form of a 
smart card. 

Contacted cards have electrical contact surfaces for 
the supply of power and for data interchange with a 
corresponding data input/data output unit operating in 
contacted fashion when in physical contact. Contacted 
cards have been widespread for a relatively long time 
as access authorization cards for GSM mobile radio 
systems, telephone cards, health insurance cards, bank 
cards etc. 

Contactless cards contain a coil as an antenna for the 
supply of power and for data interchange with a 
corresponding data input/data output unit operating in 
contactless (inductive) fashion. In this context, the 
card is provided with an antenna interface which uses 
an AC voltage induced in the coil to produce a DC 
voltage for supplying voltage to the microprocessor. 
The antenna interface also serves as a signal converter 
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for the data which is to be interchanged between the 
contactlessly operating terminal and the 

microprocessor. The antenna interface is preferably 
integrated on a semiconductor module together with the 
5 microprocessor. 

The subject of the invention is a portable 
microprocessor-assisted data medium which combines the 
two sets of functions (contacted and contactless) 
10 within itself. Such portable data media are known by 
the * terms Combi card (combination of contacted and 
contactless functions) or Dual Interface Card (card 
with contacted and contactless interface) . 



15 The type of data transmission between the portable data 
medium and a data input /data output unit operating in 
contacted fashion is naturally different from the type 
of data transmission between the portable data medium 
and a data input/data output unit operating in 

20 contactless fashion. Different transmission protocols 
are used for the portable data medium' s contacted mode 
and contactless mode. Indeed, different transmission 
protocols (T = 0, T = 1, T = 14) are known only for the 
contacted mode. 

25 



The portable data media which are the subject of the 
invention support both at least one transmission 
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protocol for the contacted mode (e.g. T = 1) and a 
transmission protocol for the contactless mode. 

The portable data media forming the subject of the 
invention have an operating system which - irrespective 
of the type of data transmission - processes and 
administers the data stored in various memory areas on 
the basis of the commands received from the respective 
data input /data output unit. 

In turn, one, two or more application programs can be 
installed on such an operating system. Such portable 
data media on which a plurality of application programs 
are installed are also called multifunctional smart 
cards. The portable data medium forming the subject of 
the invention would then be referred to as a 
multifunctional Dual Interface Card. In this context, 
each application can have various memory areas 
allocated to it. Thus, by way of example, the portable 
data medium could comprise a cash card application 
supervised by banks and a local public passenger 
services application supervised by a local public 
passenger services network operator. In this context, 
the cash card application would be allocated a cash 
fund as the memory area and the local public passenger 
services application would be allocated a corresponding 
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local public passenger services fund as the memory 
area . 

Whereas a prerequisite for contacted use of the 
portable data medium is always that the holder of the 
portable data medium consciously and deliberately 
introduces it into the appropriate data input/data 
output unit, this conscious, deliberate behavior is not 
■always necessary for data transmission to take place in 
the case of contactless operation. The sometimes 
relatively long range of contactlessly operating data 
input/data output units means that data transmission 
can also take place even when the portable data medium 
is still in the data medium holder's pocket, for 
example. Thus, for example, whenever the holder passes 
through the entrance and/or exit area of underground 
stations, contactless data transmission can 

automatically be set up for the purpose of quick and 
convenient fare payment. 

However, this advantage of the contactless mode of 
operation presents a risk in a portable data medium 
which can be operated both in contactless and contacted 
fashion. This risk is that hackers could attempt to use 
a contactlessly operating data input/data output unit 
in order also to access, unnoticed, memory areas which 
are actually reserved for the contacted-mode 
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application, with access to this memory area normally 
having the prerequisite that the data medium is 
consciously and deliberately introduced into the data 
input /data output unit operating in contacted fashion. 

The object of the invention is therefore to provide a 
portable microprocessor-assisted data medium which can 
be operated both in contacted and contactless fashion 
and is provided with the assurance that it is not 
possible for memory areas which are intended to be 
reserved for the contacted-mode application to be 
contactlessly accessed without the data medium holder' s 
knowledge . 

The invention achieves this object by virtue of the 
portable data medium storing at least one data 
transmission-specific access condition for at least one 
memory area, said access condition defining, on the 
basis of the type of data transmission between the 
portable data medium and a data input/data output unit, 
the condition under which access to this memory area is 
permitted . 

The access condition may be an individual bit 
indicating, as a flag, whether or not access to this 
memory area is permitted for the current type of data 
transmission (contacted or contactless) . 
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The procedure used according to the invention is that, 
before this memory area is accessed, i.e. before a 
command transmitted by the data input/data output unit 
is executed, the portable data medium itself uses a 
checking program stored in the portable data medium to 
read the data transmission-specific access condition 
associated with this memory area. It then checks 
whether, in consideration of the access condition, the 
desired access command is permitted in the case of the 
particular current type of data transmission. The 
corresponding access command is then executed only if 
the result of the check is that this access is 
permitted. In this context, the portable data medium 
stores a respective item of information about what the 
current data transmission type is, i.e. which 
transmission protocol is currently being used. 

The inventive provision of a data transmission-specific 
access condition thus reliably ensures that access to 
particular memory areas is prohibited in the case of 
contactless data transmission, while access is 
permitted in the case of contacted data transmission. 

In this context, access in the case of contactless data 
transmission is blocked generally in one embodiment. 
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In another embodiment, the access restriction applies 
only to particular access types (commands), while other 
access types are permitted. In this context, a single 
access condition may be provided which defines for 
various access types different conditions under which 
this access type is permitted. As an alternative to 
this, a dedicated data transmission-specific access 
condition is provided for each access type. 



In addition, the reverse configuration is also within 
the scope of the invention, where, in the case of 
contacted operation, appropriate access conditions are 
used to block access to particular memory areas which 
are intended to be reserved only for the contactless 
mode . 



Furthermore, provision is also made for at least one 
data transmission-specific access condition to be 
provided only for the contacted mode, said access 
condition defining, on the basis of the active 
contacted transmission protocol (T = 0, T = 1, T = 14), 
the condition under which access to a memory area is 
permitted . 



In this context, the data transmission-specific access 
condition according to the invention can be input into 
a freely programmable nonvolatile memory in the 
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portable data medium by authorized agencies using an 
item of secret information, and the access conditions 
may preferably also be reprogramed. The access 
conditions are programed in so-called initialization 
and/or personalization steps. 

Instead of freely programing the access conditions, 
they may also be stored in a nonmodif iable read only 
memory (ROM) . 

The appended drawings will be used to explain the 
invention in more detail below. 

Figure 1 shows the portable data medium in the form of 
a smart card. For the contacted mode of operation, said 
smart card has electrically conductive contact surfaces 
(Ki) on one side of the card. For the contactless mode 
of operation, an antenna (A) in the form of a coil is 
situated in the card body. For illustrative purposes, 
the card body is shown open at two places in the region 
of the coil winding. 

Figure 2 shows a schematic illustration of the portable 
data medium. It shows the semiconductor module 
containing a microprocessor, a memory and an integrated 
antenna interface. The antenna (A) is connected to one 
side of this one semiconductor module by means of 
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appropriate connecting lines (LA) , and the contact 
surfaces (Ki) are connected to the other side of it by 
means of appropriate connecting lines (LKi) . In 
addition to the CPU as the central arithmetic and logic 
unit, the semiconductor module contains a read only 
memory (ROM) , which stores at least sections of the 
operating system, and a volatile main memory (RAM) . In 
addition, there is a nonvolatile programmable memory 
(EEPROM) divided into various memory areas. This memory 
can store, amongst other things, a section of the 
operating system. Furthermore, it contains the 
application programs with appropriate memory areas as 
data fields. 

Figure 3A is a schematic illustration of the portable 
data medium in conjunction with a data input /data 
output unit operating in contacted fashion; Figure 3B 
is a schematic illustration of the portable data medium 
in conjunction with a data input/data output unit 
operating in contactless fashion. 

Figure 4 is a schematic exemplary illustration of 
various memory areas of the EEPROM memory with the 
appropriate access conditions according to the 
invention. In this context, the i-th memory area is 
provided as a data field for a cash fund which is used 
in connection with the contacted cash card application. 
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In addition, there is the j-th memory area, which is 
used as the data field for a further fund, which is 
used in connection with the contactless local public 
passenger services application. In this case, the "cash 
fund" memory area has 4 associated access conditions 
(AC1, AC2, AC3 , AC 4 ) , which define access to this 
memory area on the basis of the contacted or 
contactless mode of operation. In the simplest case, 
the access conditions are stored as a flag in the form 
of a single bit which can be set or not set. 

Thus, for example, the meanings are as follows: 



AC1 = 


1: 


Read command permitted in contacted mode, 


AC1 - 


0: 


Read command prohibited in contacted mode, 


AC2 = 


1: 


Update command permitted in contacted mode, 


AC 2 = 


0: 


Update command prohibited in contacted mode, 


AC 3 = 


1: 


Read command prohibited in contactless mode, 


AC 3 = 


0: 


Read command permitted in contactless mode, 


AC 4 = 


1: 


Update command prohibited in contactless 


mode, 




Update command permitted in contactless mode. 


AC 2 = 


0: 



The same applies to the access conditions for the local 
public passenger services fund. 
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The access conditions themselves can be read internally 
(in the portable data medium) in both modes of 
operation. Optionally, the access conditions can also 
be read by the data input/data output units. They may 
be changed only by authorized agencies, however. 



